Earlier this month (January 2018) VMware released Horizon 7.4, and with that I wanted to share some updates in regard to the network port requirements. My good colleagues over in the EUC Technical Marketing team are doing a fine job of maintaining the diagram and have recently published a white paper PDF which you’ll find here. It’s a beast of a document and highly recommended if you are deploying a VMware Horizon architecture in your environment.

An important consideration when using this network ports diagram, is that it doesn’t necessarily contain all non-VMware related ports such as Active Directory, DNS, NTP, SMB and so on. In fact one of my colleagues in the Office of the CTO mentioned this, since one of his customers ran into an issue where TCP port 135 was blocked, but this was required when joining a Pod to a federation (Cloud Pod Architecture). I thought this would be a good opportunity to describe what Cloud Pod Architecture is doing behind the scenes and provide some updates. [Read more…] about VMware Horizon 7.4 Network Ports for Cloud Pod Architecture

After writing a series of blog posts and guides on CentOS for several years now, as part of my Essential Linux Skills with CentOS 7 series, I have decided to publish a free eBook covering the complete guide on setting up your own highly secure web server for blogging (WordPress). Linux is still a hobby, and while it comes in handy for my day job, it has been long since I was a Linux administrator. I once remember someone describing it as an art.

While many of my readers and followers are highly skilled technical consultants and VMware architects, building and maintaining a secure and stable web server for WordPress can pose some challenges. For one, it requires a solid understanding of the Linux operating system and nuances of security with mechanisms such as SELinux. Also it takes time to learn, master and manage. However, I feel the many benefits outweigh these challenges and running your own WordPress blog can be very rewarding. One area I decided to focus heavily on is SELinux. It is often disabled and ignored, and often misunderstood.

Many of us are also on a budget, so simply using AWS Route53, some EC2 nodes and a load-balancer with CloudFront can be costly when considering egress bandwidth charges. I have used various VPS (Virtual Private Server) providers in the past, and recently decided to move back to Linode. I was a customer for several years until I moved to another provider following their ‘Twelve Days of Crisis‘ nightmare. However, the fact that Linode have been so open and having received excellent support in the past I opted to move back and I’m really pleased I did. They are currently offering a $10 a month Linode 2GB plan which comes with 1 vCPU core, 30GB SSD storage, and 2TB transfer per month. For $20 you’ll get 4GB RAM, 2 vCPU cores and 3TB of network transfer.

I frequently get asked questions on the new Horizon API module for PowerCLI 6.5 (R1), so I thought I’d share some of my notes on getting started with this incredibly useful new API for Horizon. It is hard to imagine working with any virtualization or cloud technology without adding API functionality into the mix. I use the Dropbox API to store database backups for this very blog. I heavily rely on the API provided by DigitalOcean, who hosts the Linux VPS this blog is running on. After speaking to some of my friends in VMware Professional Services, it suddenly dawned on me how a large part of their day is helping customers use APIs for our products. It has come along in leaps and bounds compared to the older SDKs and APIs available a few years back.

You don’t need to be a coder to take advantage of the Horizon API, but mastering the basics of scripting and API interaction is key to becoming a successful VMware guru!

I’ve been maintaining my own web server for this WordPress blog for several years now, dating back to 2005 when I first starting using CentOS 4 to run my website. Those were the days I switched from authoring websites with Dreamweaver and FTP, to using WordPress and ditching those antiquated tools alltogether. Talking of antiquated, I’ve been working with Unix since 1992 and was a Linux sysadmin for an ISP for several years after that. I’ve also been learning along the way with each release of CentOS/RHEL, and I have taken much more notice of security hardening including the use of SELinux.

As an experiment, I posted a tweet last night merely mentioning SELinux which resulted in some predictable responses including:

I really don’t blame them for disliking SELinux, it seems that is a majority opinion. But I hope to change that! If I can get it working and playing nicely with my WordPress site then so can you. The reason I use SELinux isn’t to make my life any more difficult (though that could be true at times!), but it helps me better understand the inner-workings of CentOS 7 better, while providing significant levels of security.

Advanced Home Networking In 2017

For as long as I can remember I have never really had what you would call a ‘typical’ home network. Back in the early 2000s I had a Cisco home lab which included two Cisco 2610 routers that a friend gave me. I ended up using these to create a home DMZ for my WiFi network, which was still WEP in those days so I was a little paranoid about security. While this was great for my study, I was also able to use it for real world purposes. One application was my car. That’s right, in 2004 I had a WiFi connected car. This was before I had kids, so I decided to install a Shuttle XPC in the back of my Honda Accord Type-R, with a touch screen in the front console with full-screen Winamp for my MP3 collection. I won a few trophies at the UK sound-off competitions back then. All good fun.

For the past few years I have been using a Draytek Vigor 2925n. My original intent for purchasing this when I lived in England, was to do something about my slow internet speed. I wasn’t able to get cable, so my internet was limited to VDSL2 technology (BT Infinity in my case). Due to the distance from the cabinet (DSLAM) being over 1.1 kilometers, I was lucky to get 11Mbps download speed and 1.5Mbps upload. Using the 2925n I was able to load-balance across these connections to double my speed. Kind of. It’s not true bonded DSL, so each connection can only use one of the DSL lines, but it still helped a lot. It was also useful for bypassing certain geo-restrictions (ahem, Netflix), since it was easy enough to create another SSID which was tied to a VPN service. [Read more…] about Configuring DD-WRT on the Linksys WRT1900ACS for Multiple WiFi SSID and VPN Setup